Civil Society : Emergence : Technology : World

August 23, 2004

Well, it's pretty obvious that I've been focusing on things other than my personal blog for the past six months or so -- except for the occasional sweep for comment spam. (I wish there was an easier way to leave comments enabled but prevent this kind of spam.)

So I'm going to temporarily break my policy about this being my personal blog, and write a little bit about what I've been up to professionally.

Our Foundation recently completed a significant strategic re-evaluation project which resulted in the expansion of our funding efforts. In June, we created the Omidyar Network, a new organization that will fund for-profit organizations as well as non-profits.

To understand why we decided to expand, you have to understand how I look at things like eBay and Meetup.

In talking about eBay over the past few years, I've emphasized the way eBay has helped people pursue their individual passions and discover their own power to make good things happen; how they've become empowered by participating in an open and honest marketplace, in a level playing field, meeting and working/trading with people who share their interests.

When I first learned about Meetup, I saw much of the same thing at work, though quite different on the surface: people discovering their own power, and connecting with others to realize that power to make good things happen.

Ever since eBay, I've been inspired by people discovering their own power, and believed that every individual can make a difference. It seems obvious now, but we finally asked ourselves the question: "If eBay is such a good example of people discovering their own power, then does it make sense that as a Foundation, we wouldn't be able to invest in something like eBay?"

We realized that legal structure -- for-profit versus non-profit -- wasn't all that relevant to what we believed in. What was important was our simple core belief: that every individual has the power to make a difference.

So, we created the Omidyar Network for one single purpose: so that more and more people discover their own power to make good things happen.

Since June we have funded efforts in a number of areas:

Microfinance

Bottom-up Media

Open Source

Intellectual Property

Voting

Social Software

The last two bear a special mention since I've discussed both on this blog. Our support of voting efforts currently concentrates on getting more and more people to the polls, so that they can discover their own voice and power to make a difference in our democracy.

On the social software side, good things happen when people work together in a bottom-up way, discovering their own power, and connecting with others. Socialtext is a great tool and Ross Mayfield is an excellent ambassador for the field.

So that's what I've been up to, and I'm sorry for not posting more regularly. Realistically, I probably won't be posting all that regularly in the future -- I've got my hands pretty full with the Network right now.

March 14, 2004

Ross Mayfield has a blog entry about it, complete with excerpts and a link to the complete article, here. Looks like a great piece -- congratulations, Ross!

I've started using SocialText recently along with a team at our foundation. We're in the midst of a whole bunch of strategic planning work, as we try to refocus our efforts for greater impact. We've had incredibly rapid adoption of this new tool, especially for group brainstorming and sharing learnings. This has been especially gratifying since most of the team are pretty agnostic when it comes to technology.

Again, nice job to Ross and his team. Thanks for helping me and my team be more productive during this important phase of our evolution.

David Dill of VerifiedVoting.org had claimed that progress on Holt's legislation had been held up pending a clearer view of which Senate version would gain the most support. Clinton and Graham's jointintroduction of a new version should help move things forward.

(Their legislation is tentatively titled "The Restore Elector Confidence in Our Representative Democracy Act (RECORD Act). The only reason it took so long for Senators Clinton and Graham to get together on this issue is the time it took to come up with a clever acronym. :-))

The bill is not on Thomas yet, but Senator Clinton's office provided me with a summary. Here are the key provisions:

Requires all voting systems to produce a voter-verified paper record for use in manual audits.

Machines would print a receipt that each voter could verify as accurate and deposit into a lockbox for later use in a recount.

Importantly, the legislation also provides (at least some) federal funding for these provisions.

This looks like great progress. I am especially pleased with the acceleration of the deadline to November 2004, and the provision which would allow jurisdictions to use paper ballots as an interim measure rather than unproven computer systems. This should help relieve the pressure of the rush towards electronic systems that are flawed, as has been written extensively about.

Personally, I'd like to see a requirement of manual audits of a statistically significant portion of ballots in all jurisdictions. This is probably a very expensive proposition, but it's the only way I see to verify that an electronic system works as advertised. Maybe the law can provide for a way for interested parties to pay for an audit if election officials refuse to pay.

The political process is always one of compromise, which is a good thing. It usually ensures that progress is made in small steps. People in government should first do no harm, then act in the public interest, stepping as lightly as possible to avoid unintended consequences. We see what happens when people act precipitously, as they did after September 11th. It will probably take years to correct some of the imbalances created since then.

All in all, on the issue of ensuring that every vote is properly cast and counted, this joint bill seems like a good step forward. Given the emphasis on the November 2004 election, my guess is that it will be politicized and deferred until the next session. I hope not, and I am certainly not an experienced political observer, so I hope I'm wrong. If there are any Republicans out there following this issue, please act now to ensure it isn't your candidate who is harmed by a faulty system in November! This is not a partisan issue -- technology failures can harm any candidate or party. So take action.

Otherwise, I fear this November election will be decided by the courts, again.

March 01, 2004

In Georgia's 2002 senatorial election, Democratic incumbent Max Cleland was defeated by Republican Saxby Chambliss. Polls leading up to the election showed the incumbent in the lead, but he lost decisively.

According to someone who worked through the summer leading up to the election to prepare the Diebold voting machines for the election, there were constant problems with the hardware and software, and growing pressure as the "ship date," the election, drew near.

Apparently Diebold updated the software at least three times while he was there. Diebold and the state of Georgia deny this claim: they say the software was only updated once, and not at the last minute.

Now, anyone that works with software knows that you're almost equally likely to introduce a new bug when fixing an old one. Last minute changes before shipping your software to customers is generally a bad idea. If Georgia allowed Diebold to make last minute changes, which they deny, then citizens ought to take their business elsewhere.

Any changes to the software or hardware configurations of a voting system should be completed six months prior to its use in an election, to allow time to test, publicly inspect, and certify the code. Of course, election data such as candidates and ballot measures should be loaded as early as possible, to allow final integration testing.

Now, on to Nebraska, and the idea of counting your own votes. Senator Chuck Hagel, who used to run a company that electronically counts paper ballots, defeated challenger Charlie Matulka. As Adam says in his editorial, "Mr. Matulka, suspicious of Senator Hagel's ties to the voting machine company, demanded a hand recount of the paper ballots. Nebraska law did not allow it, he was informed. 'This is the stealing of our democracy,' he says."

Whether or not there was foul play in counting these votes -- there probably wasn't -- our democracy depends on the appearance of fairness. People who run companies that count our votes shouldn't be running for office unless they clearly separate themselves from these companies -- they should advocate laws that provide greater voter confidence. And they shouldn't be out there raising money prominently for a particular candidate or party, as Diebold's chief executive has done quite publicly.

Adam says:

A healthy democracy must avoid even the appearance of corruption. The Georgia and Nebraska elections fail this test. Once voting software is certified, it should not be changed — not eight times, not once. A backup voting method should be available, so if electronic machines fail or are compromised shortly before an election, they can be dropped.

Votes must be counted by people universally perceived as impartial. States should not buy machines from companies that have ties to political parties, and recent company executives should not be running for elections on those machines.

The idea of a backup voting method is one I strongly endorse, to avoid the pressure and potential for failure and corruption of last minute changes.

There is far too much evidence showing that electronic voting systems are corruptible, whether intentionally or not. As voters, we should insist that our votes are properly counted. As Super Tuesday arrives tomorrow, and as November draws closer and closer, I feel we're headed towards a disaster of a crisis of confidence. If you're a public official in charge of running elections for your county, you should be concerned about this.

February 09, 2004

I received the following information from someone I consider to be a reliable source, who is working on the installation of voting machines for a county that has used paper ballots until now.

The first e-mail I received piqued my interest with the following description of a supposedly tamper-evident seal:

Well, the security on the voting machines is a joke. For the next two to three weeks we'll be doing final software upgrades on the voting machines and 'securing' them with a safety sticker and a zip-tie. The zip-tie -- other than being blue -- is generic. The safety sticker isn't particularly unique. Give me a digital camera and a laserprinter and I could reproduce one. There are no security cameras in the warehouse. There is a samsonite padlock on the cages, except for the back route which is accessible through two locked doors.

On Saturday, they demonstrated the safety sticker to us. After applying a sticker, they opened the voting machine. It was supposed to tear in two or deform. The first time, the sticker came off clean. The second time it came off clean. The third time it bent a bit but didn't tear. They declared the trials a success.

We're supposed to swab down the contact area with alcohol and that's going to make all the difference.

It's murky but my understanding is that the only record kept is internal, a running tally of all votes cast. There is no individual paper record kept separately and compared to the machine tallies. An audit is only as good as the machine's integrity.

With respect to how someone might gain illicit access to the machines, my source had this to say:

For example: the main building, including the offices of the Registrar and the warehouse area is run through by a long corridor, a kind of tunnel. It runs from front parking lot to back parking lot. Mid-way down the corridor, there is a 10-key keypad next to a ladies'/men's room which gives access to the building. Someone remarked to me, as we strolled down the corridor, that 4 of the 10 keys show smudges/heavy wear. That makes it pretty clear that there are 24 combinations (4 factorial) to come up with the proper combination. That corridor is always open and assuming the combination lock works at night (I'd bet my eye teeth on it) and that there is no alarm set at 10 pm (again, I'd bet on it), that gets you to the inside of the building, probably to the gated area, probably to the machines themselves. There is another route through the back which is also secured by two door locks. Neither is especially impressive as locks go. They look like the sort of thing my roommate in graduate school opened with a set of lockpicks, once, for fun, your basic tumbler locks. They are not the magnetic locks I saw in school for labs or rooms with expensive equipment. Either way, at this point you're a skip and a hop from the machines.

According to this source, the good news may be that election officials and contractors are so disorganized:

Ironically, the chaos in the program may be its best security measure. We don't know when the software will be added to the machines and we don't know exactly how much of a gap there is between final loading of software and the sealing the machines and their being rolled onto trucks, taken away, and showing up at precincts. If we load the software this Thursday, then send them out, they're physically *somewhere* and wherever they are, the seals can be broken, the software modified, the seals refashioned. I could tell you by glancing at some pouches we put on a table which machines will go to which precincts. So I know which machines I'd have to track down after they are updated if I want to affect certain precincts (say to change the balance of the House of Representatives). Where those machines will be, back in the warehouse where they are currently or on a truck somewhere, is unclear. Obviously that's important if you want to tamper with them but it's the uncertainty as to where they are that makes it difficult to get to them after this software update, not the machine security and not the building security.

This could be a problem: with no permanent paper record, shoddy software security, and shoddy physical security, it's going to be hard to assure that these elections aren't tampered with.

The picture being painted here is that with a few minutes in a back room somewhere, vote counts on a particular machine could be altered with no evidence of tampering.

It would be so simple to require a permanent paper record that would safeguard every vote, or at least be tamper-evident, in a way that only paper can be. For example, each voting machine could have a spool of tamper-evident paper to record each vote, verified by the voter under glass. These spools would easily show evidence of any tampering, and the spools themselves could be serialized, so you would know if an entire spool went missing. Just an idea -- I know, it'll take millions of dollars and years to implement this advanced technology.

(If you want to learn more and find out what citizens can do, see blackboxvoting.org and verifiedvoting.org. If you have more information on any of these issues, please contact me or speak up.)

February 06, 2004

So, I'm in a hotel room in Boston, listening to some Moby in my iTunes, and I happen to notice a little blue icon in my list of playlists that I haven't seen before... it says: Joe Below's Music (name changed to protect the identity of the innocent).

And now, I can't help myself but to scan through his list of tunes. It looks nothing like mine. It's like the obsessive/compulsive scanning of friends of friends on Orkut, except here, I can listen to Air Supply, or Gloria Estefan, or Sha-Na-Na, or something called "conjugal visit" which looks suspiciously like it might be a voice memo, so I'm staying away from it.

I look in my iTunes preferences, and I notice that I have sharing enabled too... so he might be perusing my collection of music at the same time. Anonymous intimacy.

There's something creepy about this experience. Hotel rooms when you're by yourself are already a little creepy, since you don't really know what's going on behind that wall. But now, thanks to WiFi and Rendezvous, the walls become virtual and I have a glimpse into one of my neighbors' soul. Or Pop, or Disco, or whatever. Now, I wonder, is he next door? Or above? Or below?

I check the lock on my door. But I also feel a little bit like a Peeping Tom. Is there a word for this phenomenon yet?

January 29, 2004

I had a disk crash and lost my MoveableType database... it's in the process of being restored from backups now but things may not be fully restored, since the disk had media errors that prevented successful daily backups for a few weeks, it looks like.

January 28, 2004

First Clay Shirky suggests in an excellent piece that the Howard Dean campaign's exemplary use of the Internet (and social software) may have contributed to its disappointing showing in Iowa and New Hampshire. Then, Howard Dean's campaign manager, Joe Trippi, who was also the architect of Dean's Internet strategy, resigns (or is fired).

I guess political campaigns and the Internet have this much in common: instant feedback and near-instant reaction to that feedback. Let's just hope this doesn't diminish the perceived value of the kind of inclusive campaign Joe Trippi ran for Howard Dean.